add consul
This commit is contained in:
parent
d995c5e4ff
commit
528ecd8bea
4 changed files with 62 additions and 21 deletions
|
@ -54,16 +54,16 @@
|
|||
},
|
||||
"nixpkgs_2": {
|
||||
"locked": {
|
||||
"lastModified": 1635835164,
|
||||
"narHash": "sha256-E8MI6D+uX5O7MJwfEa+MZb7L9tonbbn4VZDkqkLZeQc=",
|
||||
"lastModified": 1635844945,
|
||||
"narHash": "sha256-tZcL307dj28jgEU1Wdn+zwG9neyW0H2+ZjdVhvJxh9g=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "94d91a448b87a70204485bd768977c07575911e8",
|
||||
"rev": "b67e752c29f18a0ca5534a07661366d6a2c2e649",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "nixos-unstable-small",
|
||||
"ref": "nixos-unstable",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
|
|
16
flake.nix
16
flake.nix
|
@ -2,7 +2,7 @@
|
|||
description = "Delft Deployment";
|
||||
|
||||
inputs.deploy-rs.url = "github:serokell/deploy-rs";
|
||||
inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable-small";
|
||||
inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
|
||||
|
||||
outputs = { self, nixpkgs, deploy-rs }: {
|
||||
nixosConfigurations.bastion = nixpkgs.lib.nixosSystem {
|
||||
|
@ -30,6 +30,11 @@
|
|||
modules = [ "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" ./hosts/nginx/configuration.nix ];
|
||||
};
|
||||
|
||||
nixosConfigurations.consul = nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
modules = [ "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" ./hosts/consul/configuration.nix ];
|
||||
};
|
||||
|
||||
deploy.nodes.bastion = {
|
||||
hostname = "10.42.42.4";
|
||||
fastConnection = true;
|
||||
|
@ -75,6 +80,15 @@
|
|||
};
|
||||
};
|
||||
|
||||
deploy.nodes.consul = {
|
||||
hostname = "10.42.42.14";
|
||||
fastConnection = true;
|
||||
profiles.system = {
|
||||
user = "root";
|
||||
path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.consul;
|
||||
};
|
||||
};
|
||||
|
||||
checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib;
|
||||
};
|
||||
}
|
||||
|
|
41
hosts/consul/configuration.nix
Normal file
41
hosts/consul/configuration.nix
Normal file
|
@ -0,0 +1,41 @@
|
|||
# Edit this configuration file to define what should be installed on
|
||||
# your system. Help is available in the configuration.nix(5) man page
|
||||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||||
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports = [
|
||||
# Import common config
|
||||
../../common/generic-lxc.nix
|
||||
../../common
|
||||
];
|
||||
|
||||
networking.hostName = "vault";
|
||||
|
||||
# This value determines the NixOS release from which the default
|
||||
# settings for stateful data, like file locations and database versions
|
||||
# on your system were taken. It‘s perfectly fine and recommended to leave
|
||||
# this value at the release version of the first install of this system.
|
||||
# Before changing this value read the documentation for this option
|
||||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||
system.stateVersion = "21.05"; # Did you read the comment?
|
||||
|
||||
# Additional packages
|
||||
environment.systemPackages = with pkgs; [ ];
|
||||
|
||||
# Vault
|
||||
networking.firewall.allowedTCPPorts = [ 8200 ];
|
||||
|
||||
services.vault = {
|
||||
enable = true;
|
||||
# bin version includes the UI
|
||||
package = pkgs.vault-bin;
|
||||
address = "0.0.0.0:8200";
|
||||
storageBackend = "file";
|
||||
storagePath = "/var/lib/vault";
|
||||
extraConfig = ''
|
||||
ui = true
|
||||
'';
|
||||
};
|
||||
}
|
|
@ -11,7 +11,7 @@
|
|||
../../common
|
||||
];
|
||||
|
||||
networking.hostName = "vault";
|
||||
networking.hostName = "consul";
|
||||
|
||||
# This value determines the NixOS release from which the default
|
||||
# settings for stateful data, like file locations and database versions
|
||||
|
@ -24,19 +24,5 @@
|
|||
# Additional packages
|
||||
environment.systemPackages = with pkgs; [ ];
|
||||
|
||||
# Vault
|
||||
networking.firewall.allowedTCPPorts = [ 8200 ];
|
||||
|
||||
services.vault = {
|
||||
enable = true;
|
||||
# bin version includes the UI
|
||||
package = pkgs.vault-bin;
|
||||
address = "0.0.0.0:8200";
|
||||
storageBackend = "file";
|
||||
storagePath = "/var/lib/vault";
|
||||
extraConfig = ''
|
||||
api_addr = "10.42.42.6:8200"
|
||||
ui = true
|
||||
'';
|
||||
};
|
||||
networking.firewall.allowedTCPPorts = [ ];
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue